The Senate Homeland Security Committee has introduced the broad cybersecurity legislation promised late last year by Senate majority leader Harry Reid (D-NV). But contrary to the fears of many—or perhaps because of them—the bill’s scope is tightly restrained, excluding the vast majority of commercial systems and Internet infrastructure itself from coverage.

The 205-page Senate bill, called the Cyber Security Act of 2012, incorporates many aspects of the House’s cybersecurity bill, introduced in December. If enacted, it would grant a new authority to the Department of Homeland Security to oversee government information security measures, and to set “cybersecurity performance requirements” for companies and organizations that own systems DHS designates as “critical infrastructure.” It also sets standards for government network security, and creates a clearinghouse for sharing information about security threats. But it steers clear of establishing new regulation over the wider Internet, and specifically excludes regulation of commercial software and network services from coverage—perhaps because legislators want to avoid the backlash encountered over SOPA and PIPA.

Nortel Networks suffered a security breach that for almost a decade gave attackers with Chinese IP addresses access to executive network accounts, technical papers, employee emails and other sensitive documents at the once-thriving telecommunications firm, The Wall Street Journal reported (subscription required).

The publication, citing a former 19-year Nortel employee who oversaw the investigation into the hack, said Nortel did nothing to keep out the hackers except to change seven compromised passwords that belonged to the CEO and other executives. The company “made no effort to determine if its products were also compromised by hackers,” the WSJ said. Nortel, which sold off parts of its business as part of a 2009 bankruptcy filing, spent about six months investigating the breach and didn’t disclose it to prospective buyers.

The infiltration dated as far back as 2000 and allowed the hackers “access to everything,” Brian Shields, who was a senior adviser for systems security at Nortel, told the WSJ. By 2009, five years after a breach was first discovered, he found rootkits still burrowed deep into some of the laptops he examined. They were using an encrypted channel to send e-mail and other sensitive information to servers near Beijing.

Security experts call the type of attacks described in the report APTs, or advanced persistent threats. The term came into vogue in early 2010, following a disclosure by Google that it was the victim of a “highly sophisticated and targeted attack” that stole intellectual property and information used to spy on Gmail users. APTs differ from financially motivated attacks in that they’re aimed at a particular company or group of companies and the hackers behind them are willing to remain dormant for months or years so they can surreptitiously access as much sensitive data as possible.

Tor usage in Iran has made a full recovery days after the Iranian government started blocking encrypted Internet traffic.

Last Friday, the number of Iranian users connecting to the Internet through Tor’s anonymizing network had plummeted from roughly 50,000 per day to nearly zero. By Sunday, however, Tor usage was back to normal and expected usage levels, according to updated metrics provided by the Tor Project.

In response to Iranian censorship, Tor Project leaders rolled out a new obfuscated bridge that allows Iranians to circumvent the blockages and connect to the Internet through Tor once again. It’s unclear if the recovery in Internet connections is due primarily to steps taken by Tor and its users, but the government’s latest censorship program does not appear to have ended.

Reuters wrote on Tuesday that “millions of Iranians have suffered serious disruption recently in accessing e-mail and Internet social networking sites, raising concerns authorities are stepping up censorship of opposition supporters ahead of parliamentary elections next month.” Parliamentary elections are scheduled for March 2. Additionally, Google confirmed to Bloomberg on Monday that its services, including search, Gmail, and YouTube, had been blocked in Iran since Friday. We’ve asked Google for an update on the situation and will provide more details as we get them.

Canada’s conservative government has re-introduced an Internet surveillance bill that would allow the government to obtain information about Internet subscribers—without a warrant. The legislation would require service providers to provide law enforcement with IP addresses, e-mail addresses, phone numbers, and other information on demand.

The bill would also “require ISPs and cellular phone companies to install equipment for real-time surveillance and create new police powers designed to obtain access to the surveillance data.”

Members of the opposition have vowed to fight the legislation. More than 80,000 people have signed an online petition opposing the bill.

Challenged by an opposition member about the proposal, public safety minister Vic Toews cited child pornography as a justification for the bill. Opponents of the legislation “can either stand with us or with the child pornographers,” he said.

“Apparently if you care about civil liberties in this country you obviously side with child pornographers, murderers,” countered Green Party leader Elizabeth May. “You’re the worst form of scum if you believe the Charter’s an important instrument for the rule of law in this country. I’m horrified by this kind of rhetoric. It demeans us all.”

The legislation is expected to be formally introduced at a press conference this afternoon.

One of the most mind-blowing areas of quantum mechanics is entanglement: two or more particles separated in space can have physical properties that are correlated. A measurement performed on one particle will tell us the result of the same measurement taken on an entangled particle. Entanglement is important but difficult to study, both in terms of a theoretical understanding and doing experiments. While entangling relatively small groups of particles has been accomplished several times over the last 30 years (pioneered by Aspect et al. in 1982), scaling these experiments up to sizes sufficient to create quantum computers and other complex systems has eluded researchers.

A significant step forward has been accomplished by entangling eight photons (previously six had been the largest number). Researchers from Shanghai’s University of Science and Technology of China created a system where eight photons were equally likely to be polarized in a specific orientation, something known colloquially as a “Schrödinger cat” state. In a paper published in Nature Photonics, authors Xing-Can Yao et al. describe a new technique that uses ultra-bright photon sources to control for some of the problems that plagued earlier entanglement experiments.

Cisco came up with an interesting prediction in its latest forecast of global mobile data traffic: by the end of this year, there will be more Internet-connected mobile devices than people on Earth.

“By the end of 2012, the number of mobile-connected devices will exceed the number of people on Earth, and by 2016 there will be 1.4 mobile devices per capita,” Cisco said in its Global Mobile Data Traffic Forecast Update released today. “There will be over 10 billion mobile-connected devices in 2016… exceeding the world’s population at that time (7.3 billion).”

The numbers include not just phones but tablets, laptops, handheld gaming consoles, e-readers, in-car entertainment systems, digital photo frames, cameras, and “machine-to-machine modules.” That latter category includes applications such as using wireless networks to update digital billboards.

Global mobile data traffic doubled for the fourth year in a row in 2011, and will grow 18-fold by 2016, hitting 130 exabytes a year (the equivalent of 33 billion DVDs, 4.3 quadrillion MP3 files, or 813 quadrillion text messages), Cisco said. Not surprisingly, streaming content, video in particular, is expected to play a huge role in increasing data traffic. Good news for users: mobile network speeds will increase nine-fold by 2016. Bad news: the days of unlimited data plans seem to be expiring quickly, with few exceptions.

The Wall Street Journal has gone ahead and called it on LTE support being included in the next iPad, claiming both AT&T and Verizon will carry the 4G-capable device. The publication cites its usual “people familiar with the matter,” noting once again that the next-gen iPad—currently dubbed the “iPad 3” by the rumor mills—is expected to be announced the first week of March. Meanwhile, in a separate report, the Journal claims Apple is actively testing an 8″ version of the iPad.

The idea of LTE support being included in the iPad 3 isn’t new—previous rumors from other reputable sources (most notably, Bloomberg) have made the same claims, though skeptics have been hesitant to believe it fully. Part of the reason for that skepticism is that LTE networks are still largely limited to the US, and there only in some metropolitan areas. This means the majority of would-be iPad 3 buyers wouldn’t have access to a high-speed LTE network just yet, although both AT&T and Verizon are actively working on rolling out their networks to more markets.

Apple CEO Tim Cook has listed out the downsides of adding LTE support to Apple’s devices in the past, claiming that the trade-offs in battery life and chip size weren’t worth it for the time being. (“LTE would force design compromises we’re not willing to make,” Cook said when the Verizon iPhone was announced in early 2011.) But things could certainly change this year thanks to the latest Qualcomm chips expected to be integrated into iOS devices this year.

As for the alleged 8″ iPad in testing, the WSJ claims it would have a similar screen resolution to the iPad 2. Citing “officials at some of Apple’s suppliers,” the publication does note that Apple often tests new designs with its suppliers and may not even choose to make this 8″ iPad if it decides the costs are too high or the market segment isn’t worth chasing. Again, Cook has repeatedly said during Apple’s fiscal calls that he believes the current iPad form-factor is the most ideal for reading and surfing the Web, so it would seem unlikely that Apple would dive into that market now. Then again, his predecessor Steve Jobs made a habit of talking trash about certain products just before rolling out an Apple version, so there’s no way to know—at least from the outside—how serious Apple is about this supposed “iPad mini.”

Say an EKG machine is monitoring your heart, when it suddenly flatlines. You’d be keenly interested to know whether your heart had stopped or the machine had simply gone on the fritz. Paleontologists have faced a similar (if slightly less urgent) puzzle when it comes to the geologic record of life: does the fossil record we see reflect the state of ancient ecosystems, or is it just the readout from a defective instrument? A recent paper in Science gives reassuring support to the fidelity of the rock record.

It’s fascinating to study how species diversity has changed through time, since we can see the effects of major events in Earth’s past and watch evolution play out. It’s literally reading the history of life on Earth. That’s a story we naturally want to know and tell. But fossils are difficult to come by—after all, less than one percent of extinct species are represented in the fossil record. Because the record is an imperfect recorder, we have to worry about how much the evidence in the rocks is telling us about the organisms, and how much we’re just seeing changes in the rocks themselves.

Google got exactly what it needed today to close the book on its $12.5 billion acquisition of Motorola Mobility. With approval from both US and European authorities, Google is set to acquire one of the biggest Android hardware makers and a portfolio of 17,000 patents (assuming the deal is also approved by China, Taiwan, and Israel).

But regulators on both sides of the pond went out of their way to warn Google not to abuse the patents, with the Justice Department comparing Google’s patent statements unfavorably with what Justice views as more responsible statements made by Apple and Microsoft. In effect, regulators from both the US and Europe said there wasn’t enough evidence to prevent Google’s acquisition of Motorola today, but warned that Google’s future actions could invite antitrust scrutiny.

Google Wallet will temporarily stop provisioning prepaid credit cards to prevent the exploitation of a recently discovered vulnerability which allows crooks to siphon funds out of devices that are lost or stolen.

Google disabled the prepaid capability on February 10, a day after The Smartphone Champ blog exposed what it called a “painfully easy” exploit that allowed people to recover prepaid balances stored in Google Wallet without knowing the personal identification number protecting the app. To exploit the flaw, attackers need do nothing more than clear data from its settings menu and set a new PIN.

“The problem here is that since Google Wallet is tied to the device itself and not tied to your Google account, that once they set the new pin and log into the app, when they add the Google prepaid card it will add the card that is tied to that device,” a blogger with the name Hashim wrote. “In other words, they’d be able to add your card and have full access to your funds.”

Osama Bedier, vice president of Google Wallet and Payments, said phones that are accessible only when a user PIN or pattern is entered into the device aren’t vulnerable to the attack. He encouraged all users of the mobile payments service to enable such lock screens, which aren’t turned on by default. But he said Google was temporarily disabling provisioning of prepaid cards as a precaution until a permanent fix for the underlying vulnerability is made.

The exploit from The Smartphone Champ came a day after an engineer at security firm Zvelo disclosed a separate method for cracking Google Wallet PINs on Android devices that have been rooted. The vulnerability stems from the decision to store cryptographic hashes in a database that’s associated with the app, rather than in the handset’s Secure Element chip, McAfee researcher Jimmy Shah blogged.